From e0a906d23837c11c94688e295bfc72bdcef59152 Mon Sep 17 00:00:00 2001
From: chenxinquan
Date: Tue, 18 Jun 2024 11:05:00 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E6=88=90SessionBus=E6=A3=80=E6=B5=8B?= =?UTF-8?q?=E8=84=9A=E6=9C=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
data/DBus/SessionBus/session_bus_check.py | 79 +++++++++++++++++++++
data/DBus/SessionBus/session_bus_check.yaml | 24 +++++++
2 files changed, 103 insertions(+)
create mode 100644 data/DBus/SessionBus/session_bus_check.py
create mode 100644 data/DBus/SessionBus/session_bus_check.yaml
diff --git a/data/DBus/SessionBus/session_bus_check.py b/data/DBus/SessionBus/session_bus_check.py
new file mode 100644
index 0000000..a541f26
--- /dev/null
+++ b/data/DBus/SessionBus/session_bus_check.py
@@ -0,0 +1,79 @@
+# [OK] 为验证通过
+# [WARNING] 为风险提示
+
+import subprocess
+import os
+import sys
+
+arg_lang = ""
+
+################################
+# 常量
+
+# for get_env_lang()
+STR_GET_ENV_LANG_ZH = "语言环境为中文"
+STR_GET_ENV_LANG_EN = "语言环境为英文"
+STR_GET_ENV_LANG_UNKNOW = "语言环境未知"
+
+# for is_root()
+STR_IS_ROOT_TRUE = "当前用户为root权限"
+STR_IS_ROOT_FALSE = "当前用户没有root权限"
+
+################################
+# 环境检查函数
+
+def get_env_lang():
+# lang = os.getenv("LANG")
+# if lang.startswith("zh"):
+# return STR_GET_ENV_LANG_ZH
+# elif lang.startswith("en"):
+# return STR_GET_ENV_LANG_EN
+# else:
+# return STR_GET_ENV_LANG_UNKNOW
+#
+ if arg_lang == "zh":
+ return STR_GET_ENV_LANG_ZH
+ elif arg_lang == "en":
+ return STR_GET_ENV_LANG_EN
+ else:
+ return STR_GET_ENV_LANG_UNKNOW
+
+def is_root():
+ if os.geteuid() == 0:
+ print(STR_IS_ROOT_TRUE)
+ return True
+ else:
+ print(STR_IS_ROOT_FALSE)
+ return False
+
+################################
+# 辅助函数
+def l_print(zh_str, en_str) :
+ if STR_GET_ENV_LANG_ZH == get_env_lang() :
+ print(zh_str);
+ else :
+ print(en_str);
+
+################################
+# 功能函数
+
+# MySQL空口令检查
+def check_mysql_empty_password(ip, port, username):
+ try:
+ output = subprocess.run(['mysql', '-uroot'], input="exit\n", text=True,capture_output=True)
+ # output = output.decode('utf-8').strip()
+ # output = subprocess.Popen('ls',shell=True,close_fds=True)
+ # output.kill()
+ if output.returncode == 0:
+ l_print(f"[WARNING] 检测到MySQL空密码: {ip}:{port}",
+ f"[WARNING] MySQL empty password detected for {ip}:{port}")
+ else:
+ l_print(f"[OK] MySQL空密码检查已通过: {ip}:{port}",
+ f"[OK] MySQL empty password check passed for {ip}:{port}")
+ except Exception as e:
+ l_print(f"[OK] MySQL空密码检查已通过: {ip}:{port}",
+ f"[OK] MySQL empty password check passed for {ip}:{port}")
+if __name__ == '__main__':
+ arg_lang = sys.argv[1]
+
+ check_mysql_empty_password("localhost", 3306, "song")
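Review bot: The `except Exception as e:` branch of `check_mysql_empty_password` prints the same `[OK]` line as a real pass, so a missing `mysql` client or any other failure to run the probe is reported as a passed baseline check. The accompanying YAML appears to key on `[WARNING]` only, which makes this a silent false negative; emit a distinct status there instead, for example `l_print(f"[ERROR] MySQL空密码检查无法执行: {e}", f"[ERROR] MySQL empty password check could not run: {e}")`, if the framework accepts a third tag. The `else` branch has the same weakness, since any non-zero exit (for instance an unreachable server) is also printed as passed. The function also never uses `ip`, `port` or `username`: the command is fixed to `['mysql', '-uroot']`, yet the messages name `{ip}:{port}`, so the report claims a target that was not necessarily the one probed. Separately, `arg_lang = sys.argv[1]` raises `IndexError` when the script is run without an argument.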
diff --git a/data/DBus/SessionBus/session_bus_check.yaml b/data/DBus/SessionBus/session_bus_check.yaml
new file mode 100644
index 0000000..9dcc0e3
--- /dev/null
+++ b/data/DBus/SessionBus/session_bus_check.yaml
@@ -0,0 +1,24 @@
+FormatVer: 20230518
+Id: check_mysql_empty_password
+Belong: baseline
+Power :
+SiteInfo:
+ Severity: medium
+ Name: 本地服务检测 -- 检测mysql空口令
+SiteRequests:
+ Implement:
+ ImArray:
+ - Inter : python3
+ InterArgs :
+ Exec : check_mysql_empty_password.py
+ Args :
+ - zh
+ Inter:
+ - "[WARNING]"
+ Condition: None
+RepairArgs:
+ - Inter :
+ InterArgs :
+ Exec : ''
+ Args:
+ RepairPower: # root权限或者普通用户权限
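Review bot: `Exec : check_mysql_empty_password.py` does not match the script this commit adds, `session_bus_check.py`, so unless a file of that name already sits next to this rule the runner would have nothing to execute. The `Id` and `Name` are also the MySQL empty-password ones, although the file is `session_bus_check.yaml` under `DBus/SessionBus` and the commit subject describes a SessionBus check. If rule Ids must be unique, this one likely collides with the original MySQL rule. Either rename the pair to what it actually checks, or set `Exec : session_bus_check.py` and give the rule its own `Id` and `Name`.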